# # 

What is claimed is: 

1. A system for providing a framework for network appliance 
management in a distributed computing environment, comprising: 

an appliance status table recording a status report periodically received 
from each of a plurality of network appliances, each status report containing 
health and status information and application-specific data for each network 
appliance; and 

a catalog server maintaining configuration settings for each network 
appliance progressively assembled concurrent to providing installable 
components and dynamically providing a catalog listing currently installable 
components for each network appliance based on the configuration settings. 

2. A system according to Claim 1, further comprising: 

a network operations center establishing a secure session with each 
network appliance. 

3. A system according to Claim 1, further comprising: 

a network operations center installing an initial set of installable 
components on each network appliance during a bootstrap configuration. 

4. A system according to Claim 1, wherein the currently installable 
components comprise at least one self-installable package, further comprising: 

a component server supplying the at least one package for installation 
responsive to a request from one such network appliance. 

5. A system according to Claim 4, further comprising: 

a crypto module digitally signing the at least one package for the network 
operations center prior to being supplied for installation. 

6. A system according to Claim 4, further comprising: 

a crypto module encrypting the at least one package prior to being 
supplied for installation. 
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7. A system according to Claim 1, wherein the installable 
components comprise at least one file, further comprising: 

a component server supplying the at least one file responsive to a request 
from one such network appliance. 

8. A system according to Claim 7, wherein the component server 
establishes a secure session prior to the at least one file being supplied for 
installation. 

9. A system according to Claim 7, further comprising: 

a file information subdirectory specifying installation instructions for the 
at least one file in a pre-determined entry prior to the at least one file being 
supplied for installation. 

10. A system according to Claim 1, further comprising: 

a proxy component server staging the cunently installable components for 
retrieval in a separate components database. 

11. A system according to Claim 1, wherein the distributed computing 
environment is TCP/IP-compliant. 

12. A method for providing a framework for network appliance 
management in a distributed computing environment, comprising: 

recording a status report periodically received from each of a plurality of 
network appliances, each status report containing health and status information 
and application-specific data for each network appliance; 

maintaining configuration settings for each network appliance 
progressively assembled concurrent to providing installable components; and 

dynamically providing a catalog listing currently installable components 
for each network appliance based on the configuration settings. 

13. A method according to Claim 12, further comprising: 
establishing a secure session with each network appliance. 
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1 14. A method according to Claim 12, further comprising: 

2 installing an initial set of installable components on each network 

3 appliance during a bootstrap configuration. 

1 15. A method according to Claim 12, wherein the currently installable 

2 components comprise at least one self-installable package, further comprising: 

3 supplying the at least one package for installation responsive to a request 

4 from one such network appliance. 

1 16. A method according to Claim 15, further comprising: 

Q 2 digitally signing the at least one package prior to being supplied for 

S 3 installation. 

m 

1 17. A method according to Claim 15, further comprising: 

Q 

m 2 encrypting the at least one package prior to being supplied for installation. 

M 1 18. A method according to Claim 12, wherein the installable 

f^ 2 components comprise at least one file, further comprising: 

iff 

p 3 supplying the at least one file responsive to a request from one such 

ry 4 network appliance. 

1 19. A method according to Claim 18, further comprising: 

2 establishing a secure session prior to the at least one file being supplied for 

3 installation. 

1 20. A method according to Claim 18, further comprising: 

2 specifying installation instructions for the at least one file in a pre- 

3 determined entry prior to the at least one file being supplied for installation. 

1 21. A method according to Claim 12, further comprising: 

2 staging the currently installable components for retrieval in a separate 

3 components database. 
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1 22. A method according to Claim 12, wherein the distributed 

2 computing environment is TCP/IP-compliant. 

1 23. A computer-readable storage medium holding code for performing 

2 the method according to Claims 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, or 22. 

1 24. A system for autonomously managing a network appliance 

2 deployed within a distributed computing environment, comprising: 

3 an internal catalog of components installed on one such network appliance 

4 identified by component and version; and 

^ 5 a status daemon periodically providing a status report containing health 

O 6 and status information and application-specific data for the one such network 

m 7 appliance; and 

w * 
hi. 8 

8 a catalog checker obtaining a catalog of currently installable components 

fy 9 dynamically generated for the one such network appliance and determining non- 

p 10 current components by comparing the components and versions listed in the 

M- 11 obtained catalog against the internal catalog. 

m 

p 1 25. A system according to Claim 24, further comprising: 

2 a network operations center negotiating a secure connection with the one 

3 such network appliance. 

1 26. A system according to Claim 24, further comprising: 

2 an initial plug-in executed on the one such network appliance. 

1 27. A system according to Claim 24, further comprising: 

2 a post plug-in executed on the one such network appliance. 

1 28. A system according to Claim 24, further comprising: 

2 a network operations center broadcasting a query message to each such 
. 3 network appliance to trigger a status report. 

1 29. A system according to Claim 24, wherein the components 

2 comprise at least one self-installable package, further comprising: 
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an installer obtaining the at least one self -installable package and installing 
the at least one self-installable package per instructions encoded therein. 

30. A system according to Claim 29, wherein the components further 
comprise at least one file dependent on the at least one self-installable package, 
further comprising: 

an installer obtaining the at least one file subsequent to installing the at 
least one self-installable package and installing the at least one self-installable 
package per instructions stored in a pre-determined entry. 

31. A system according to Claim 29, further comprising: 

a component server negotiating a non-secure session prior to obtaining the 
at least one self-installable package. 

32. A system according to Claim 29, further comprising: 

a crypto module at least one of authenticating and decrypting the at least 
one self-installable package prior to installing the at least one self-installable 
package. 

33. A system according to Claim 29, wherein the instructions comprise 
an executable installation program plus one or more files to be installed. 

34. A system according to Claim 29, wherein the components further 
comprise at least one file, further comprising: 

an installer obtaining the at least one file and installing the at least one 
self-installable package per instructions stored in a pre-determined entry. 

35. A system according to Claim 34, further comprising: 

a component server negotiating a secure session prior to obtaining the at 
least one self-installable package. 

36. A system according to Claim 34, wherein the pre-determined entry 
comprise a file information subdirectory identifying installiation instructions. 
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1 37. A system according to Claim 29, wherein at least one such network 

2 appliance performs one of electronic mail anti-virus scanning, content filtering, 

3 packet routing, and file, Web and print servicing. 

1 38. A system according to Claim 29, wherein the distributed 

2 computing environment is TCP/IP-compliant. 

1 39. A method for autonomously managing a network appliance 

2 deployed within a distributed computing environment, comprising: 

3 maintaining an internal catalog of components installed on one such 
p 4 network appliance identified by component and version; 

Q 5 periodically providing a status report containing health and status 

§1 6 information and application-specific data for the one such network appliance; 

p 7 obtaining a catalog of currently installable components dynamically 

nJ 8 generated for the one such network appliance; and 

8 

Q 9 determining non-current components by comparing the components and 

10 versions listed in the obtained catalog against the internal catalog. 

m 

P . 1 40. A method according to Claim 39, further comprising: 

2 negotiating a secure connection with the one such network appliance. 

1 41. A method according to Claim 39, further comprising: 

2 executing an initial plug-in on the one such network appliance. 

1 42. A method according to Claim 39, further comprising: 

2 executing a post plug-in on the one such network appliance. 

1 43. A method according to Claim 39, further comprising: 

2 broadcasting a query message to each such network appliance to trigger a 

3 status report. 

1 44. A method according to Claim 39, wherein the components 

2 comprise at least one self -installable package, further comprising: 

3 obtaining the at least one self-installable package; and 
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4 installing the at least one self-installable package per instructions encoded 

5 therein. 

1 45. A method according to Claim 44, wherein the components further 

2 comprise at least one file dependent on the at least one self-installable package, 

3 further comprising: 

4 obtaining the at least one file subsequent to installing the at least one self- 

5 installable package; and 

6 installing the at least one self-installable package per instructions stored in 

7 a pre-determined entry. 



g 1 46. A method according to Claim 44, further comprising: 

m 2 negotiating a non-secure session prior to obtaining the at least one self- 

3 mstallable package. 

ry 1 47. A method according to Claim 44, further comprising: 

Q 2 at least one of authenticating and decrypting the at least one self- 

^ 3 installable package prior to installing the at least one self-installable package. 



1 48. A method according to Claim 44, wherein the instructions 

2 comprise an executable installation program plus one or more files to be installed. 

1 49. A method according to Claim 39, wherein the components further 

2 comprise at least one file, further comprising: 

3 obtaining the at least one file; and 

4 installing the at least one self-installable package per instmctions stored in 

5 a pre-determined entry. 

1 50. A method according to Claim 49, further comprising: 

2 negotiating a secure session prior to obtaining the at least one self- 

3 installable package. 

1 51. A method according to Claim 49, wherein the pre-determined entry 

2 comprise a file information subdirectory identifying installation instructions. 
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52. A method according to Claim 39, wherein at least one such 
network appliance performs one of electronic mail anti-virus scanning, content 
jBltering, packet routing, and file, Web and print servicing. 

53. A method according to Claim 39, wherein the distributed 
computing enviroimient is TCP/IP-compliant. 

54. A computer-readable storage medium holding code for performing 
the method according to Claims 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 
52, or 53. 
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